Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

MiracleLinux 3 : kernel-2.6.18-53.21AXS3 (AXSA:2009-22:03)

🗓️ 14 Jan 2026 00:00:00Reported by TenableType 
nessus
 nessus🔗 www.tenable.com👁 3 Views

MiracleLinux 3 host kernel vulnerable to multiple CVEs per AXSA advisory.

Related
Refs
Code
ReporterTitlePublishedViews
Family
0day.today		Linux Kernel <= 2.6.27.8 ATMSVC Local Denial of Service Exploit
10 Dec 200800:00
zdt
0day.today		Linux Kernel 2.6.x SCTP FWD Memory Corruption Remote Exploit
28 Apr 200900:00
zdt
0day.today		Linux Kernel 2.6.x SCTP FWD Memory Corruption Remote Exploit
10 Aug 200900:00
zdt
Tenable Nessus		CentOS 4 : kernel (CESA-2009:0014)
6 Jan 201000:00
nessus
Tenable Nessus		CentOS 4 : kernel (CESA-2009:0331)
6 Jan 201000:00
nessus
Tenable Nessus		CentOS 3 : kernel (CESA-2009:1550)
29 Jun 201300:00
nessus
Tenable Nessus		Debian DSA-1681-1 : linux-2.6.24 - denial of service/privilege escalation
5 Dec 200800:00
nessus
Tenable Nessus		Debian DSA-1687-1 : linux-2.6 - denial of service/privilege escalation
16 Dec 200800:00
nessus
Tenable Nessus		Debian DSA-1749-1 : linux-2.6 - denial of service/privilege escalation/sensitive memory leak
23 Mar 200900:00
nessus
Tenable Nessus		Debian DSA-1787-1 : linux-2.6.24 - denial of service/privilege escalation/information leak
4 May 200900:00
nessus
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2009-22:03.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(284420);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/12");

  script_cve_id(
    "CVE-2008-4933",
    "CVE-2008-4934",
    "CVE-2008-5025",
    "CVE-2008-5029",
    "CVE-2008-5079",
    "CVE-2008-5182",
    "CVE-2008-5713",
    "CVE-2009-0031",
    "CVE-2009-0065"
  );

  script_name(english:"MiracleLinux 3 : kernel-2.6.18-53.21AXS3 (AXSA:2009-22:03)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2009-22:03 advisory.

    The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel
    handles the basic functions of the operating system: memory allocation, process allocation, device input
    and output, etc.
    Bugs fixed:
    CVE-2008-5029
    The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes
    indirect recursive calls to itself through calls to the fput function, which allows local users to cause a
    denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain
    socket and closing file descriptors.
    CVE-2008-5079
    net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a
    denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then
    reading a /proc/net/atm/*vc file, related to corruption of the vcc table.
    CVE-2008-5182
    The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges
    via unknown vectors related to race conditions in inotify watch removal and umount.
    CVE-2008-4933
    Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before
    2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an
    hfsplus filesystem image with an invalid catalog namelength field, related to the
    hfsplus_cat_build_key_uni function.
    CVE-2008-4934
    The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linux kernel before 2.6.28-rc1 does not
    check a certain return value from the read_mapping_page function before calling kmap, which allows
    attackers to cause a denial of service (system crash) via a crafted hfsplus filesystem image.
    CVE-2008-5025
    Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel
    before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an
    hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.
    CVE-2008-5713
    The __qdisc_run function in net/sched/sch_generic.c in the Linux kernel before 2.6.25 on SMP machines
    allows local users to cause a denial of service (soft lockup) by sending a large amount of network
    traffic, as demonstrated by multiple simultaneous invocations of the Netperf benchmark application in
    UDP_STREAM mode.
    CVE-2009-0031
    Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel
    2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via
    unknown vectors related to a missing kfree.
    CVE-2009-0065
    Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp)
    implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact
    via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.
    Other bugs:
    [IPv6] Fix source address/interface selection.
    When bonding two e1000 NIC(eth0, eth1) into one bonding device (bond0) and using the command ping6 -I
    specifying bond0 global address, the ping6 packet is sent as from eth0 and bond0 does not receive the
    reply packet.
    VLAN devices 'features' were not set adequately, resulting in possible performance loss (seen on NIC e1000
    with TSO capability)
    Support for Nehalem-EP C6 state (power saving feature).

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/659");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2009-0065");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2009-0031");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2008/11/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/03/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-PAE");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-PAE-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-xen-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:3");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^3([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 3.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '3',
    'pkgs': [
      {'reference':'kernel-2.6.18-53.21AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-2.6.18-53.21AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-devel-2.6.18-53.21AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-devel-2.6.18-53.21AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-headers-2.6.18-53.21AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-PAE-2.6.18-53.21AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-PAE-devel-2.6.18-53.21AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-xen-2.6.18-53.21AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-xen-2.6.18-53.21AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-xen-devel-2.6.18-53.21AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-xen-devel-2.6.18-53.21AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-PAE / kernel-PAE-devel / kernel-devel / etc');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
12 Feb 2026 00:00Current
6Medium risk
Vulners AI Score6
CVSS 210
EPSS0.15492
MiracleLinux threekernel vulnerabilitycve 2008 5029cve 2008 5079cve 2008 5182cve 2008 4933cve 2008 4934advisory 2009 22 03
3